JBoss.org Community Documentation

PicketLink Reference Documentation

Version 2.5.2.Final


Table of Contents

1. Overview
1.1. What is PicketLink?
1.2. Where do I get started?
1.2.1. QuickStarts
1.2.2. API Documentation
1.3. Modules
1.3.1. Base module
1.3.2. Identity Management
1.3.3. Federation
1.4. License
1.5. Maven Dependencies
1.6. PicketLink Installer
1.7. Help us improve the docs!
2. Authentication
2.1. Overview
2.2. Authentication API - the Identity bean
2.3. The Authentication Process
2.3.1. A Basic Authenticator
2.3.2. Multiple Authenticator Support
2.3.3. Credentials
2.3.4. DefaultLoginCredentials
3. Identity Management - Overview
3.1. Introduction
3.1.1. Injecting the Identity Management Objects
3.1.2. Interacting with PicketLink IDM During Application Startup
3.1.3. Configuring the Default Partition
3.2. Getting Started - The 5 Minute Guide
3.3. Identity Model
3.3.1. Which Identity Model Should My Application Use?
3.4. Creating a Custom Identity Model
3.4.1. The @AttributeProperty Annotation
3.4.2. The @Unique Annotation
3.5. Creating Custom Relationships
3.6. Partition Management
3.6.1. Creating Custom Partitions
4. Identity Management - Credential Validation and Management
4.1. Authentication
4.2. Managing Credentials
4.3. Credential Handlers
4.3.1. The CredentialStore interface
4.4. Built-in Credential Handlers
4.4.1. Username/Password-based Credential Handler
4.4.2. DIGEST-based Credential Handler
4.4.3. X509-based Credential Handler
4.4.4. Time-based One Time Password Credential Handler
4.5. Credentials for Custom Account Types
5. Identity Management - Basic Identity Model
5.1. Basic Identity Model
5.1.1. Utility Class for the Basic Identity Model
5.2. Managing Users, Groups and Roles
5.2.1. Managing Users
5.2.2. Managing Groups
5.3. Managing Relationships
5.3.1. Built In Relationship Types
5.4. Realms and Tiers
6. Identity Management - Configuration
6.1. Configuration
6.1.1. Architectural Overview
6.1.2. Default Configuration
6.1.3. Providing a Custom Configuration
6.1.4. Programmatic Configuration Overview
6.1.5. Providing Multiple Configurations
6.1.6. Providing Multiple Stores for a Configuration
6.1.7. Configuring Credential Handlers
6.1.8. Identity Context Configuration
6.1.9. IDM configuration from XML file
7. Identity Management - Working with JPA
7.1. JPAIdentityStoreConfiguration
7.1.1. Default Database Schema
7.1.2. Configuring an EntityManager
7.1.3. Mapping IdentityType Types
7.1.4. Mapping Partition Types
7.1.5. Mapping Relationship Types
7.1.6. Mapping Attributes for AttributedType Types
7.1.7. Mapping a CredentialStorage type
7.1.8. Configuring the Mapped Entities
7.1.9. Providing an EntityManager
8. Identity Management - Working with LDAP
8.1. LDAPIdentityStoreConfiguration
8.1.1. Configuration
9. PicketLink Subsystem
9.1. Overview
9.2. Installation and Configuration
9.3. Configuring the PicketLink Dependencies for your Deployment
9.4. Domain Model
9.5. Identity Management
9.5.1. JPAIdentityStore
9.5.2. Usage Examples
9.6. Federation
9.6.1. The Federation concept (Circle of Trust)
9.6.2. Federation Domain Model
9.6.3. Usage Examples
9.6.4. Metrics and Statistics
9.7. Management Capabilities
10. Federation
10.1. Overview
10.2. SAML SSO
10.3. SAML Web Browser Profile
10.4. PicketLink SAML Specification Support
10.5. SAML v2.0
10.5.1. Which Profiles are supported?
10.5.2. Which Bindings are supported?
10.5.3. PicketLink Identity Provider (PIDP)
10.5.4. PicketLink Service Provider (PSP)
10.5.5. SAML Authenticators (Tomcat, JBossAS)
10.5.6. Digital Signatures in SAML Assertions
10.5.7. SAML2 Handlers
10.5.8. Single Logout
10.5.9. SAML2 Configuration Providers
10.5.10. Metadata Support
10.5.11. Token Registry
10.5.12. Standalone vs JBossAS Distribution
10.5.13. Standalone Web Applications (All Servlet Containers)
10.6. SAML v1.1
10.6.1. SAML v1.1
10.6.2. PicketLink SAML v1.1 Support
10.7. Trust
10.7.1. Security Token Server (STS)
10.8. Extensions
10.8.1. Extensions
10.8.2. PicketLinkAuthenticator
10.9. PicketLink API
10.9.1. Working with SAML Assertions
10.10. 3rd party integration
10.10.1. PicketLink as IDP, Salesforce as SP
10.10.2. PicketLink as SP, Salesforce as IDP
10.10.3. PicketLink as IDP, Google Apps as SP
Glossary

List of Tables

3.1. Identity Management Objects
4.1. Built-in credential types
4.2. Configuration Parameters
4.3. Configuration Parameters
7.1. IdentityType Annotations
7.2. Partition Annotations
7.3. Relationship Annotations
7.4. Partition Annotations
7.5. Partition Annotations
8.1. LDAP Configuration Options

List of Examples

7.1. Example
7.2. Example
7.3. Example
7.4. Example
7.5. Example
7.6. Example
10.1. context.xml
10.2. context.xml
10.3. context.xml
10.4. context.xml
10.5. context.xml
10.6. WEB-INF/picketlink-handlers.xml
10.7. WEB-INF/picketlink-handlers.xml
10.8. WEB-INF/picketlink-handlers.xml
10.9. WEB-INF/picketlink-handlers.xml
10.10. WEB-INF/picketlink-handlers.xml
10.11. WEB-INF/picketlink-handlers.xml
10.12. WEB-INF/picketlink-handlers.xml
10.13. WEB-INF/picketlink-handlers.xml
10.14. web.xml
10.15. web.xml
10.16. jsp/login.jsp
10.17. jsp/error.jsp
10.18. STSWSClientTestCase.java
10.19. handlers.xml